Risk and Compliance services

Data Protection Act

We understand the DPA and, more importantly, we know the areas where organisations typically struggle to be compliant. We know that the best way to drive compliance is through a combination of technical, procedural and cultural measures.

As you're required to register with the Information Commissioner's Office (ICO) if you are processing personal data, we know what the ICO is looking for and can advise on which areas to focus on as priorities – such as the importance of protecting information proportionally to its sensitivity.

Why Choose 7Safe for data protection requirements?

Ensuring the ongoing confidentiality, integrity, availability and resilience of processing systems and services is a requirement of the GDPR. Our experienced data protection consultants can help you to achieve this by establishing and testing the internal procedures needed to ensure timely notification.

How we can help

Along with expert advice, we also have a track record of actually implementing procedures to better manage data protection requirements. This includes establishing and testing the internal procedures needed to ensure timely notification of any data disclosures, or building in reporting structures to ensure that near misses are recorded and learnt from.

An increasing area of focus is assisting those organisations who are moving elements of their IT into the cloud or to global service providers – when good data classification and user guidelines are vital to ensuring personal data remains within the correct legal jurisdiction. We can provide pre-deployment assurance to check that any move into the cloud is done knowing that data protection measures are still safeguarded.

We are also able to draw on data privacy consultants from PA’s global offices that can assist with advising on data protection requirements in other geographies.

Are you aware that...

Data Protection

You could be fined up to £500,000

You could be fined up to £500,000 for serious breaches or be issued an enforcement notice by the Information Commissioner's Office (ICO) for failure to protect personal information.

The Data Protection Act 1998 applies to every business or individual

The Data Protection Act 1998 applies to every business or individual who processes or has access to personally identifiable information within the UK. The Information Commissioner's Office (ICO) is the official arbiter of information rights. It upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

You, as a business, have to comply with DPA if operating within the UK

This can often be seen as a painful burden, but we believe that good data protection practices can actually benefit the organisation. Being able to demonstrate that you are lawfully processing both customer and staff information is a mark of an organisation that can be trusted and should bring significant business benefits which outweigh the efforts and costs involved.

A new EU data protection requirement is currently being developed

Despite Brexit, in 2018 the General Data Protection Act (GDPR) will be enforced for all companies operating within Europe. For more information, see our GDPR page.